CVE-2005-1751 shtool Symlink Arbitrary File Manipulation

Timeline :

Reference(s) :

Affected version(s) :

shtool before or equal to 2.0.1

Description :

shtool contains a flaw that may allow a malicious local user to overwrite or create arbitrary files on the system. The issue is due to the script creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.